0

I'm the following query to verify the login information posted by the form. But whenever I run the query i get internal server error. I'm not sure what i'm doing wrong.

<?php
if(isset($_POST["userName"]) && isset($_POST["password"])){
$userName = $_POST["userName"];
$password = $_POST["password"];
include "http://evocature.com/scripts/db_connect.php";
$results = mysql_query("SELECT id 
                        FROM admins 
                        WHERE userName = '$userName' 
                        AND password ='$password' LIMIT 1");

$existCount = mysql_num_rows($results);
if($existCount == 1){
    while($row  = mysql_fetch_array($results)){
        $id = $row["id"];   
    }
    $_SESSION["id"] = $id;
    $_SESSION["manager"] = $manager;
    $_SESSION["password"] = $password;
    header("Location: http://www.evocature.com/admin/index.php");
    exit();
}
else{
    echo 'Invalid Information';
    exit(); 
}

}
Guranjan Singh
  • 734
  • 2
  • 7
  • 24
  • I get the 500 internal server error – Guranjan Singh Feb 08 '14 at 01:58
  • 2
    [Please, don't use `mysql_*` functions in new code](http://bit.ly/phpmsql). They are no longer maintained [and are officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the [red box](http://j.mp/Te9zIL)? Learn about [*prepared statements*](http://j.mp/T9hLWi) instead, and use [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) - [this article](http://j.mp/QEx8IB) will help you decide which. If you choose PDO, [here is a good tutorial](http://j.mp/PoWehJ). **You are also wide open to [SQL injections](http://stackoverflow.com/q/60174)** – John Conde Feb 08 '14 at 02:00
  • 1
    Remove/comment out lines until the error goes away. Then you'll find your culprit. – John Conde Feb 08 '14 at 02:00
  • Follow John Condes advice and use PDO or MySQLi. Or at the very least, escape your data before using it in a query! – Phil Cross Feb 08 '14 at 02:06

1 Answers1

0

I belive you cant include http pages . Well not in this method .

Gal peretz
  • 126
  • 1
  • 8